ISO 27001

ISO 27001 certification demonstrates our compliance with internationally recognised standards of information security. Gaining the certification gives
our customers and stakeholders confidence that their data and information is held safely. It allows for secure exchange of information internationally
and shows consistency in the delivery of our products and services under the technical and operational requirements necessary to prevent a data breach
for our customers.

The ISO 27001 certification shows that:

We are required to document our customers' data, and how we protect it

We provide customers with a framework showing how we meet legal obligations

We keep up to date with constantly evolving data security threats

We constantly provide customers with convincing evidence that we take necessary measures to comply with the data security requirements set out by GDPR

View the certificates

Our focus on technical compliance

Having a Broad Risk Management Approach, SD Worx understands the technical requirements of legal data compliance and continuously closes all gaps in areas
at risk of non-compliance, meaning that our customers' data is always secure.

Our technical and organisational measures are ever-improving through Encryption and Anonymisation.

Our focus on colleague compliance

SD Worx has a GDPR readiness team who action plans for all business areas and give a full audit of our GDPR programme.

We have a continuous full review of all incident, security & privacy policies and processes to ensure integration of GDPR requirements featuring risk
assessments across all relevant areas of business.

Our colleagues have the right training, providing them with a greater understanding of data security risks and compliance requirements which heavily reduce
our customers' exposure to security threats.

Our focus on product compliance

The General Data Protection Regulation has established a new set of rights that apply to all organisations that process and handle the data of EU individuals.
The Regulation also strengthens some of the rights set out under the Data Protection Act 1998.

We take GDPR as seriously as you do. For this reason, we are working towards making our product range as fully-compliant with the Regulation as possible.